Messaging app Telegram hit by 200Gbps DDoS attack

Encrypted messaging app Telegram's Asia Pacific server cluster has been under a DDoS attack since Friday morning with users in South East Asia, Oceania, Australia and parts of India getting slower connection speeds or no connection at all for several hours.

On its Twitter feed, Telegram reported yesterday that it is was the “third day of the DDoS on our Asia Pacific cluster. Now on the epic scale of 200Gbps.” 

It added on its blog that: “For the most part, it was a relatively new type of DDoS known as Tsunami SYN flood, but the attackers have shown some flexibility in their methods and adapted to changes pretty quickly.

The DDoS traffic is reported to have come from about a hundred thousand infected servers, most noticeably, in LeaseWeb BV, Hetzner Online AG, PlusServer AG, NFOrce Entertainment BV, Amazon and Comcast networks. 

“That said, the attack was distributed evenly across thousands of hosts and none contributed more than five percent of the total volume," Telegram notes.

Telegram previously saw a huge boost in users of its service back in September 2014. That spike followed a ruling by South Korean  President Park Geun-Hye that people could be prosecuted for sending any messages deemed as insulting to her or generally rumour-mongering — including private messages sent through Kakao Talk, (a Korean messaging app similar to WhatsApp or iMessage).

Now Telegram says it has again seen "a three-fold increase in signups from South Korea in the last two weeks". "We've also heard that some companies are unhappy with our new platform that allows artists to create free custom stickers for the users. Two weeks after its launch we were hit by a lesser DDoS, also aimed specifically at the Asia Pacific cluster."

Regarding attribution, Telegram says: “It could be an angry government, but an unhappy competitor seems much more likely. By now we know that the attack is being coordinated from East Asia.”

On Twitter, fingers have been pointed at China with Bruce Wagner highlighting that the service was labelled as "anti-government" by highest official newspaper. The move followed use of the service by human rights lawyers who were arrested by the government on Friday.

Pavel Durov, Telegram founder, was reported by TechCrunch  as saying: “We know nothing for sure, so we do not make any accusations.....I don't think Telegram is completely blocked in China, but the traffic from there did decrease (But) if we do get completely blocked in China, we're not going to play cat and mouse with their government at this stage. Let them block.”

Telegram emphasised that it has managed to stay online for 95 percent of our users worldwide and says it has “quite a few surprises up our sleeve” to defend the remaining five percent, adding, “Our sysadmin cyborgs are working on this 24 hours a day.

The UK could be ranked alongside South Korea and China if it prohibits private conversations online by blocking the encrypted messaging services from WhatsApp, SnapChat and iMessage, which the right-leaning Express newspaper today notes: “could be banned in the UK under strict new encryption laws."

Among 52,200 Express readers surveyed 45,000 voted against government plans for private online communications to be opened-up by the Government's ‘Snooper's Charter' – the Investigatory Powers Bill.